﻿//JumbotCms_4.1 Final
using System;
using JumbotCms.Common;

namespace JumbotCms.WebFile.User
{
    public partial class _changepass : JumbotCms.API.UserCenter
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            User_Load("", "html");
            if (q("act") != "save")
            {
                Response.Write(GetPageHtml("user_changepass"));
            }
            else
            {
                if (!CheckFormUrl())
                    Response.End();
                string _oldPass = f("txtOldPass");
                string _NewPass = f("txtNewPass1");
                if (_NewPass.Length > 14 || _NewPass.Length < 6)
                {
                    Response.Write("JumbotCms.Alert('请输入6-14位的新密码', '0');");
                }
                else
                {
                    doh.Reset();
                    doh.ConditionExpress = "id=@id and state=1";
                    doh.AddConditionParameter("@id", UserId);
                    object pass = doh.GetValue("jcms_normal_user", "UserPass");
                    if (pass != null)
                    {
                        if (pass.ToString() == GetHash32(_oldPass) || pass.ToString() == GetHash16(_oldPass)) //验证旧密码
                        {
                            doh.Reset();
                            doh.ConditionExpress = "id=@id and state=1";
                            doh.AddConditionParameter("@id", UserId);
                            doh.AddFieldItem("UserPass", GetHash32(_NewPass));
                            doh.AddFieldItem("LastIp", GetUserIp());
                            doh.Update("jcms_normal_user");
                            Response.Write("window.location.href='../index/index.aspx';");
                        }
                        else
                        {
                            Response.Write("JumbotCms.Alert('旧密码错误', '0');");
                        }
                    }
                    else
                    {
                        Response.Write("window.location.href='../login/index.aspx';");
                    }
                }
            }
        }
    }
}
